In today's computing age, mobile devices are achieving widespread use and great sophistication. In many instances, mobile devices can install and execute software applications that are much more advanced than in even recent years past. Many times, those software applications are installed while the mobile device is connected to a land-line network. However, today's technology even allows software applications to be downloaded over-the-air to some wireless mobile devices.
Wireless transmissions are at a higher risk of being intercepted or otherwise interfered with than their land-line counterparts. Accordingly, the industry is evolving ways to ensure the integrity of downloaded applications to prevent malicious code from being interjected into the transmission. One way in which to ensure the integrity of a download is by using digital certificates and signatures. These mechanisms enable a mobile device to determine that a package downloaded over-the-air (or otherwise) is actually the same package that was created by a trusted source. The digital certificates authenticate that the sender is a trusted source, and the digital signatures authenticate that the package has not been tampered with since being transmitted. Both are commonly used in security schemes.
Users often take advantage of the security provided by digital certificates and signatures. In many cases, however, these mechanisms are either not available or not necessary. Enforcing digital certificates and/or signatures helps to ensure security but at the sacrifice of not being able to install some applications. Not enforcing digital certificates and/or signatures enables the user to install applications, but at the risk of potentially malicious applications being loaded. An adequate solution to this dilemma has eluded those skilled in the art.